AVG-2508 log
Package | libjxl |
Status | Fixed |
Severity | Medium |
Type | multiple issues |
Affected | 0.6-1 |
Fixed | 0.6.1-1 |
Current | 0.11.1-1 [extra] |
Ticket | None |
Created | Mon Nov 1 14:36:39 2021 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2021-22564 | Medium | Yes | Arbitrary code execution | In libxjl before version 0.6.1, for certain valid JPEG XL images with a size slightly larger than an integer number of groups (256x256 pixels) when... |
CVE-2021-22563 | Medium | Yes | Information disclosure | Invalid JPEG XL images using libjxl before version 0.6.1 can cause an out of bounds access on a std::vector<std::vector<T>> when rendering splines. The OOB... |